<?php

namespace APP\Ctrl;
use CMS\Ctrl as Base;
use CMS\Helper as Helper;

class Login extends Base {
	// construct
	public function run() {
		// already logged in?
		if(isset($this->session->auth))
			die(new Index());

		// manage uri paths
		if(count($this->uri) > 0) {
			@list($func) = $this->uri;
			$this->$func();
		} else $this->index();
	}

	// index page
	public function index() {
		$this->view->func = 'index';

		// set path
		$this->view->path = array(
			'func' => $this->view->func
		);
	}

	// authenticate
	public function auth() {
		// get from post
		$email = $this->request->post('email');
		$password = $this->request->post('password');
		$remember = $this->request->post('remember', 'int');
		if(is_null($email) || is_null($password) || is_null($remember))
			return $this->json = array('success' => false);

		// process vars
		$email = $this->db->escapeString(strtolower($email));
		$password = md5(sha1($password . SALT1) . SALT2);

		// check for email
		$result = $this->db->querySingle("SELECT id, name, password FROM users WHERE lower(email) = '{$email}'", true);
		if(!$result)
			return $this->json = array('success' => false);

		// check for password
		if($result['password'] != $password)
			return $this->json = array('success' => false);

		// set as logged in
		$this->session->auth = $result;
		if($remember)
			$this->cookie->auth = base64_encode($result['password'] . $result['id']);
		else { // in case we have it set, delete it
			if(isset($this->cookie->auth))
				unset($this->cookie->auth);
		}

		// here? then by all means you are authenticated
		return $this->json = array('success' => true, 'user' => array(
			'name' => $result['name']
		));
	}

	// ajax name and email checks
	public function check() {
		// get from post
		$name = $this->request->post('name');
		$email = $this->request->post('email');

		// checking name?
		if(!is_null($name)) {
			$name = $this->db->escapeString(strtolower($name));
			$result = $this->db->querySingle("SELECT name FROM users WHERE lower(name) = '{$name}'");
			return $this->json = array('success' => !(bool)$result);
		}

		// checking email?
		if(!is_null($email)) {
			$email = $this->db->escapeString(strtolower($email));
			$result = $this->db->querySingle("SELECT email FROM users WHERE lower(email) = '{$email}'");
			return $this->json = array('success' => !(bool)$result);
		}

		// here? wtf happend
		return $this->json = array('success' => false);
	}

	// register
	public function signup() {
		// get from post
		$name = $this->request->post('name');
		$email = $this->request->post('email');
		$password = $this->request->post('password');
		if(is_null($name) || is_null($email) || is_null($password))
			return $this->json = array('success' => false);

		// process vars
		$name = $this->db->escapeString(ucfirst($name));
		$email = $this->db->escapeString(strtolower($email));
		$password = md5(sha1($password . SALT1) . SALT2);

		// add user
		$this->db->exec("INSERT INTO users (name, rank, email, password) VALUES ('{$name}', '{$this->settings['rank_apply']}', '{$email}', '{$password}')");

		// send a nice email :)
		$eml = Helper::load_email('signup.txt', $name, $this->settings['blizz_guild'], $this->settings['blizz_guild']);
		if($eml) {
			$eml[0] = sprintf($eml[0], $this->settings['blizz_guild']);
			$this->email->send($email, $name, $eml);
		}

		// get id
		$id = $this->db->lastInsertRowID();

		// set as logged in
		$this->session->auth = array('id' => $id);
		$this->cookie->auth = base64_encode($password . $id);

		// yay success
		return $this->json = array('success' => true, 'user' => array(
			'name' => $name
		));
	}
}